Merge pull request #1218 from Enzime/push-rnmuskqvosws

github-runner: fix service not starting
author: Domen Kožar <domen@enlambda.com> 2024-12-07 11:26:48 +0000
committer: GitHub <noreply@github.com> 2024-12-07 11:26:48 +0000
commit: 9c3d8ff051fe8e4c866c9d9b28d3ff502e1e2974 (patch)
tree: 6a8995300a47d9ad9847c66347af19755b232730
parent: 55d07816a0944f06a9df5ef174999a72fa4060c7 (diff)
parent: 8752b6ae3c0d6b44ca4ef28e50503f8efcec0096 (diff)
2 files changed, 23 insertions, 12 deletions
diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix
index 8f98aa0..5152cc4 100644
--- a/modules/services/github-runner/options.nix
+++ b/modules/services/github-runner/options.nix
@@ -3,7 +3,9 @@
 , ...
 }:
 
-with lib;
+let
+  inherit (lib) literalExpression mkOption mkPackageOption types;
+in
 {
   options.services.github-runners = mkOption {
     description = ''
@@ -88,6 +90,9 @@ with lib;
 
             Changing this option or the `tokenFile`’s content triggers a new runner registration.
 
+            You can also manually trigger a new runner registration by deleting
+            {file}`/var/lib/github-runners/<name>/.runner` and restarting the service.
+
             We suggest using the fine-grained PATs. A runner registration token is valid
             only for 1 hour after creation, so the next time the runner configuration changes
             this will give you hard-to-debug HTTP 404 errors in the configure step.
diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix
index 21d908e..029f863 100644
--- a/modules/services/github-runner/service.nix
+++ b/modules/services/github-runner/service.nix
@@ -1,6 +1,10 @@
 { config, lib, pkgs, ... }:
-with lib;
+
 let
+  inherit (lib) any attrValues boolToString concatStringsSep escapeShellArg
+    flatten flip getExe getExe' hasAttr hasPrefix mapAttrsToList mapAttrs' mkBefore
+    mkDefault mkIf mkMerge nameValuePair optionalAttrs optionalString replaceStrings;
+
   mkSvcName = name: "github-runner-${name}";
   mkStateDir = cfg: "/var/lib/github-runners/${cfg.name}";
   mkLogDir = cfg: "/var/log/github-runners/${cfg.name}";
@@ -51,15 +55,17 @@ in
           (
             umask -S u=rwx,g=rx,o= > /dev/null
 
-            ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkStateDir cfg)}
-            ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkStateDir cfg)}
+            ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkStateDir cfg)}
+            ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkStateDir cfg)}
 
-            ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkLogDir cfg)}
-            ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)}
+            ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkLogDir cfg)}
+            # launchd will fail to start the service if the outer direction doesn't have sufficient permissions
+            ${getExe' pkgs.coreutils "chmod"} o+rx ${escapeShellArg (mkLogDir { name = ""; })}
+            ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkLogDir cfg)}
 
             ${optionalString (cfg.workDir == null) ''
-              ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkWorkDir cfg)}
-              ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)}
+              ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkWorkDir cfg)}
+              ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkWorkDir cfg)}
             ''}
           )
         '');
@@ -123,7 +129,7 @@ in
                 else
                   args+=(--token "$token")
                 fi
-                ${package}/bin/config.sh "''${args[@]}"
+                ${getExe' package "config.sh"} "''${args[@]}"
               '';
             };
           in
@@ -131,12 +137,12 @@ in
             echo "Configuring GitHub Actions Runner"
 
             # Always clean the working directory
-            ${pkgs.findutils}/bin/find ${escapeShellArg workDir} -mindepth 1 -delete
+            ${getExe pkgs.findutils} ${escapeShellArg workDir} -mindepth 1 -delete
 
             # Clean the $RUNNER_ROOT if we are in ephemeral mode
             if ${boolToString cfg.ephemeral}; then
               echo "Cleaning $RUNNER_ROOT"
-              ${pkgs.findutils}/bin/find "$RUNNER_ROOT" -mindepth 1 -delete
+              ${getExe pkgs.findutils} "$RUNNER_ROOT" -mindepth 1 -delete
             fi
 
             # If the `.runner` file does not exist, we assume the runner is not configured
@@ -145,7 +151,7 @@ in
             fi
 
             # Start the service
-            ${package}/bin/Runner.Listener run --startuptype service
+            ${getExe' package "Runner.Listener"} run --startuptype service
           '';
 
         serviceConfig = mkMerge [
author	Domen Kožar <domen@enlambda.com>	2024-12-07 11:26:48 +0000
committer	GitHub <noreply@github.com>	2024-12-07 11:26:48 +0000
commit	9c3d8ff051fe8e4c866c9d9b28d3ff502e1e2974 (patch)
tree	6a8995300a47d9ad9847c66347af19755b232730
parent	55d07816a0944f06a9df5ef174999a72fa4060c7 (diff)
parent	8752b6ae3c0d6b44ca4ef28e50503f8efcec0096 (diff)